Job Description, Responsibilities And Duties
Leading laboratory diagnostics company is looking for a colleague responsible for driving and managing the security architecture across the region, ensuring alignment with the organization's business objectives in order to protect the organization's information assets.
Key Responsibilities
* Bridging Business Objectives with Security Initiatives and Requirements: Collaborate with Unilabs markets and businesses to understand their objectives and integrate security requirements into business processes.
* Conceptually manage the organization's information security governance in the given region.
* Ensure the security policies and practices support the region's business goals while at the same time mitigate the risks.
* Ensures the application of security measures in the local cyber security management systems.
* Design and present security strategies and concepts.
* Adhering to Local Regulatory/Certification Needs (ISO, CE+, Cybersecurity Acts, Audits, etc.): Ensure compliance with local and international regulations and certifications across the region.
* Manage regular audits and ensure the provision of cooperation to the internal and external audits in the area of information and cyber security.
* Maintain necessary certifications and update security policies to reflect regulatory changes.
* Meet the knowledge standards for the position of Cyber Security Managers according to applicable local regulations in the given region.
* Supporting Tenders and Client Security Enquiries: Provide expert security input during the tender process and respond to client security enquiries.
* Manage information and cyber security in the relationship with suppliers and in the procurement, design and development of software and systems.
* In the given region oversee the security projects and the implementation of new security technologies into the organization's environment.
* Develop and maintain standardized documentation to showcase the organization’s security posture and compliance with relevant standards.
* M&A Security: Lead security due diligence during mergers and acquisitions within the region.
* Post-acquisition, integrate the acquired entities’ security frameworks into the existing organization’s practices.
* Employee Cybersecurity Awareness: Design and implement regional cybersecurity awareness programs.
* Conduct training sessions, phishing simulations and awareness campaigns to educate employees on security best practices and threats.
* Ensure the building of security awareness in the field of information and cyber security protection.
* Security Policy Dissemination and Monitoring: Oversee the communication and enforcement of security policies across the region.
* Ensure the creation and updating of the organization's internal security policies, standards and procedures across the region.
* Evaluate the fulfillment of internal regulations related to the management of the security of information assets across the region.
* Utilize monitoring tools to ensure compliance and provide additional training or corrective actions as needed.
* Risk and Vulnerability Remediation: Identify, assess, and prioritize security risks and vulnerabilities across the region.
* Lead remediation efforts and ensure timely resolution of identified issues to protect the organization from potential threats.
* Implement and ensure the proper operation of security risk management processes and treatment of security threats.
* Manage the process of assessing technical vulnerabilities of systems.
* Incident Management: Lead the regional response to security incidents, ensuring quick and effective containment, investigation, and resolution.
* Coordinate with global teams to align incident management practices and reporting.
* Manage the processes of detection, resolution and prevention of cyber security incidents.
* Business Continuity Management (BCM): Participate in the design of BCM methodologies and oversee the processes of recovery of operational activities including the methodologies in the processes of Disaster Recovery planning.
* Independence of the Regional Security Lead: When designing, adopting and enforcing security measures, the Regional Security Lead is independent from the structure of operation management and the development of information technology services.
* The Regional Security Lead has the opportunity to submit proposals in writing and report information in the field of cyber security directly to the statutory body(s) or members of the company's management in the given region.
Employee perks, benefits
* Contributions to pension and life insurance
* Flexible benefits plan / Cafeteria and Multisport card
* Loyalty and anniversary bonuses
* Support of education and professional growth
* Stability, career prospects, and team support
* Educational courses and training
* Meal vouchers/meal allowance above legal limit
* Psychological, legal, and financial counseling – Employee Assistance Program
* Sick leave
* Discounts on company products/services
#J-18808-Ljbffr